A pirated download of Spider-Man: No Way Home secretly mines crypto

On the Internet, we must always be careful, and even more so if we use websites of doubtful legality or download pirated content. Our computer, however modest, can be a prize for many cybercriminals. On the one hand, there is the dreaded ransomware, a type of "virus" that encrypts our files and demands a sum of money in Bitcoin in exchange for unlocking them. On the other hand, a more recent practice is the attack with cryptocurrency miners. The latter has happened recently to many users who wanted to watch Spider-Man: No Way Home without paying a penny by downloading it through a torrent.

Mining is very cheap… if you don't use your own machines

Cryptocurrency mining is a legitimate business like any other. It basically consists of putting a series of machines to work to provide computational power to a blockchain network. Depending on the cryptocurrency being mined, miners use computers full of graphics cards, high-power CPUs or even ASICs, which are chips designed to run very specific algorithms, as is the case with Bitcoin. And of course, mining is legal as long as you do it with your own machines, pay for your own electricity and your country allows it.

However, many hackers have seen cryptocurrency mining as a highly lucrative business with little cost. Basically, it consists of putting other people's computers to work. It is usually done by infecting computers and even smartphones through programs that pretend to be harmless. If the software is well enough made, it will consume only the resources strictly necessary, so that the victim never realizes that their computer is being used to mine cryptocurrencies. With a single user, the hacker would not get much reward, but if they manage to infect thousands of users, the attackers can collect a good daily loot from other people's machines.

Taking advantage of Spider-Man’s pull to mine Monero

According to the cybersecurity firm ReasonLabs, a version of a mining program called SilentXMRMiner has been circulating among many users all over the world, camouflaged as a torrent of the movie Spider-Man: No Way Home. The software can be found easily and free of charge in a GitHub repository, and the attackers only had to modify a few pieces of the program to circulate the malware.

The most advanced users would never fall for such a basic trick, since this is not a virus embedded in a video file, but a Windows executable file with the name 'spiderman_net_putidomoi.torrent.exe', which would be equivalent in English to 'spiderman_no_way_home.torrent.exe'. However, if someone executes this file, either through confusion or ignorance, their machine will be infected. SilentXMRMiner will then start to use the computer's CPU to mine Monero. At the same time, it will begin to infiltrate the system as a "rootkit", in processes such as svchost.exe, which is one of the basic pillars of Microsoft Windows, and this makes removing the malicious software a difficult task.

Furthermore, the malware creates a complex list of exceptions in both the firewall and Windows Defender, giving the processes generated by the software free rein to connect to external servers without our permission.
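
The disguise described above, a decoy extension such as `.torrent` placed in front of the real `.exe`, can be checked for mechanically in a downloads folder. The following is an added example, not code from the article or from ReasonLabs; the extension lists, the function names and every sample path except the reported file name are assumptions of this example, and it also covers the variant where spaces are padded in before the real extension.

```python
import re

# Extensions Windows runs on double-click (a subset chosen for this example).
EXECUTABLE = {"exe", "scr", "com", "pif", "bat", "cmd", "msi", "vbs", "js", "lnk"}
# Extensions a user expects to be inert content, used as the decoy.
DECOY = {"torrent", "mp4", "mkv", "avi", "mov", "pdf", "doc", "docx", "jpg", "png", "txt"}


def disguised_executable(path):
    """Return a reason string if the file name hides an executable extension, else None."""
    # Keep only the file name, accepting both Windows and POSIX separators.
    name = re.split(r"[\\/]", path)[-1]
    # Windows drops trailing dots and spaces from file names, so ignore them;
    # stripping each part also defeats "movie.mp4      .exe" style padding.
    parts = [p.strip().lower() for p in name.rstrip(". ").split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE:
        return None  # the real (last) extension is not executable
    decoys = [p for p in parts[1:-1] if p in DECOY]
    if decoys:
        return f"decoy extension .{decoys[-1]} before real extension .{parts[-1]}"
    return None  # an ordinary executable, not a disguised one


def scan(paths):
    """Map each suspicious path to the reason it was flagged."""
    return {p: r for p in paths if (r := disguised_executable(p))}


# Constructed sample listing; only the first file name comes from the article.
SAMPLES = [
    r"C:\Users\alice\Downloads\spiderman_net_putidomoi.torrent.exe",
    r"C:\Users\alice\Downloads\holiday.mp4        .exe",
    r"C:\Users\alice\Downloads\ubuntu.iso.torrent",
    r"C:\Users\alice\Downloads\setup.exe",
    r"C:\Users\alice\Downloads\jquery.min.js",
]

if __name__ == "__main__":
    for path, reason in scan(SAMPLES).items():
        print(f"{path}: {reason}")
```

Windows Explorer hides known file extensions by default, so the first sample would be displayed as `spiderman_net_putidomoi.torrent`, which is why a check on the full name is useful.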

